Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Squashfs: negative file sizes are now rejected in squashfsread inode. Syskaller reported a “WARNING in ovlcopyupfile” in overlayfs. This warning occurs because the underlying Squashfs file system returns a file with a negative...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

A use-after-free vulnerability was discovered in iscsiswtcpsessioncreate in drivers/scsi/iscsitcp.c within the SCSI sub-component of the Linux kernel. This flaw allows an attacker to access internal kernel information...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: scsitransportsas: Error handling in sasPhyAdd was fixed. If transportAddDevice fails in sasPhyAdd, the kernel may crash when trying to delete the device using transportRemoveDevice, which is called from sasRemoveHost. The...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/irdma: The Cap MSIX used to online CPUs + 1 The irdma driver can use a maximum number of msix vectors equal to numonlinecpus + 1. If this number is exceeded, the kernel will issue a warning when the driver attempts to...

CVE-2026-32875 UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.10 through 5.11.0 are vulnerable to buffer overflow or infinite loop through large indent handling. ujson.dumps crashes the Python interpreter segmentation fault when the product of the indent...

Zyxel ATP Cross-Site Scripting Vulnerability

Zyxel ATP is a firewall from China-based Zyxel. A cross-site scripting vulnerability exists in Zyxel ATP, which stems from a cross-site scripting XSS vulnerability in the CGI program. Affected products and versions: Zyxel ATP series versions 5.10 through 5.37, USG FLEX series versions 5.00 throug...

Dell EMC Secure Connect Gateway 信任管理问题漏洞

Dell EMC Secure Connect Gateway Dell Emc Scg is a type of secure connectivity gateway from Dell USA. A security vulnerability exists in Dell EMC SCG Policy Manager versions 5.10 through 5.12, which originates from an attacker being able to log in to the system with a hard-coded encryption key to...

PT-2022-6358 · Dell Emc · Dell Emc Scg Policy Manager

Name of the Vulnerable Software and Affected Versions: Dell EMC SCG Policy Manager versions 5.10 through 5.12 Description: The issue is related to the use of a hard-coded cryptographic key in the Policy Manager software of Dell Secure Connect Gateway SCG. An attacker with knowledge of the...